[Samba] Samba 3.6 -> 4.2 upgrade on FreeBSD

Sun Jul 5 14:19:45 UTC 2015

On 05/07/15 14:59, Andrea Venturoli wrote:
> On 07/04/15 13:04, Rowland Penny wrote:
>
>> Hi, never used freebsd, but 4.2 is not just an AD DC, it is also
>> supposed to be a replacement for the old 3.6 series and work in the same
>> way.
>
> That's what I'm trying to achieve.
>
>
>
>> There are some changes to what can and cannot go into smb.conf, but
>> these are minor and can easily be identified by reading the smb.conf
>> manpage and the samba release notes.
>
> I got some warnings about "idmap backend" being deprecated, but I 
> think I solved; also they only were warnings.
>
>
>
>> Does anything start ?
>
> Sure: two instances of nmbd, one of smbd and three of winbindd.
>
>
>
>> Is there anything in the log files ?
>
> Nothing special:
> _ log.nmbd ends with "become_logon_server_success: Samba is now a 
> logon server for workgroup VENTU on subnet 10.1.2.13";
> _ log.smbd complains about not being able to retrieve printer list, 
> but I'm not interested in printing;
> _ log.winbindd says it's ready.
>
> Also, sockets are open (port 137,138, 139 and 445) and there's a 
> couple of connections from smbd to slapd.
>
>
>
>> what is your smb.conf ?
>
> Here's my global section:
>> [global]
>>         log level=1
>>         unix password sync=no
>>         workgroup = VENTU
>>         server string = SOTH
>>         load printers=no
>>         max log size=50000
>>         security = user
>>         encrypt passwords = yes
>>         interfaces = nfe0 10.1.2.13/24
>>         local master = yes
>>         os level = 255
>>         domain master = yes
>>         preferred master = yes
>>         domain logons = yes
>>         logon script=netlogon.cmd %U
>>         wins support = yes
>>         wins proxy = yes
>>         dns proxy = no
>>         ldap admin dn="cn=root,dc=ventu"
>>         ldap ssl=off
>>         ldap suffix="dc=ventu"
>>         passdb backend = ldapsam
>>         ea support=yes
>>         map hidden=no
>>         map system=no
>>         map archive=no
>>         idmap config * : backend=ldap:ldap://localhost
>>         ldap idmap suffix="dc=ventu"
>>         hosts allow = 127. 10.1.2.
>>         name resolve order = wins
>>         time server = no
>>         map archive = No
>>         hide dot files=no
>>         lm announce=auto
>>         logon path=
>>         logon home=
>>         unix extensions=no
>>         mangled names=no
>>         winbind use default domain=yes
>
>

Did the smb.conf above work on samba 3.6 ?

I would have expected the ldap lines to be something like these:

passdb backend = ldapsam:ldap://127.0.0.1
ldap suffix="dc=ventu"
ldap machine suffix = ou=machines
ldap user suffix = ou=users
ldap group suffix = ou=groups
ldap admin dn="cn=root,dc=ventu"
ldap delete dn = no

Rowland

>
>
>
> "smbclient -U andrea -I 10.1.2.13 -L //soth" asks for a password, but 
> then dumps core (it doesn't matter if the given password is right or 
> wrong).
>
> "wbinfo -u" correctly retrieves the user list, but PAM authentication 
> (through pam_winbind.so) fails.
>
>
>
>
> So you confirm there is nothing special I had to do, but didn't?
> I'd like to make sure I'm not wasting time, before I compile with 
> debugging info, raise log levels, etc...
>
>
>
>  bye & Thanks
>     av.